Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Can't SSH to dropbear.

Can't SSH to dropbear.

juanjuan Member
edited October 2012 in Help

Hi, i'm running Debian6 and followed this setup lowendvpsconfig. After the setup, my vps ran for 20+ days, until later this day there have been a downtime. So i rebooted my server, and i can't putty to my vps anymore. Although i can access it thru VNC and i already tried to restart dropbear and reboot the vps too.

Running netcat to dropbear port, I get

nc localhost port SSH-2.0-dropbear_0.52

I also have tried to flush my iptables for ip blockage. What else could i be missing here? Thanks.

Juan

Tagged:

Comments

  • Last time I had it was because I messed up with my network interfaces, check ifconfig and see if you have your public IP address listed somewhere there, it should be venet0 or venet0:0 for OVZ and eth0 for KVM.

    http://BornIn.Asia - FREE shared hosting and subdomain service for LET members! See here for how to get one yourself!
    Have a domain that you have no use for at the moment? Click here to see how you can help! 96Forum: Low End VPS Discussions
  • I'm on KVM, and this is my ifconfig

    ifconfig

    eth0 Link encap:Ethernet HWaddr 00:17:3c:e5:5d:e0 inet addr:xxx.xxx.xxx.xxx Bcast:xxx.xxx.xxx.xxx Mask:255.2555.2555.0

    do i change the listening address from the only_from option?

    socket_type = stream only_from = 0.0.0.0 wait = no user = root protocol = tcp server = /usr/sbin/dropbear server_args = "-i -g" disable = no type = unlisted

    I'll list my rules for SSH on iptables if this could help

    -A INPUT -p tcp -m tcp --dport 222 -m state --state NEW -m recent --set --name DEFAULT --rsource -A INPUT -p tcp -m tcp --dport 222 -m state --state NEQ -m recent --update --seconds 180 --hitcount 2 --name DEFAULT --rsource -j DROP -A INPUT -p tcp -m state --state NEW --dport 222 -j ACCEPT

    Juan

  • Is dropbear better than openssh?

  • better for low end vps, i guess. It uses less memory.

    Juan

  • @juan Try running this and posting the output. I don't use debian much.

    http://www.debian-administration.org/articles/184

    @cosmicgate Just uses less memory I think, so it's good for the 32/64mb LEBs.

  • :~# netstat -a | grep LISTEN | grep -v unix tcp 0 0 localhost:mysql : LISTEN tcp 0 0 localhost:spamd : LISTEN tcp 0 0 :imap2 *: LISTEN tcp 0 0 :ssh *: LISTEN

    Anyway, my host is down again right now so i can't do anything. Now i wonder if my provider may be the culprit of whats causing this?

    Juan

  • NickNick Member
    edited October 2012

    @cosmicgate said: Is dropbear better than openssh?

    Nope. It is slower, has less features, development is few and far between, has gone periods where there were no security updates for years. I don't see the point in putting my server at risk to save a few hundred KB of RAM at most.

    Thanked by 2averell tux
  • @Nick said: few hundred KB of RAM at most

    it is like almost 2mb per connection

  • NickNick Member
    edited October 2012

    @netomx said: it is like almost 2mb per connection

    If you are running some sort of shell account service then that would make a lot of sense as the RAM usage would add up quickly. It's all personal preference really, but I don't squeeze my VPS so much that I don't have 2MB of RAM to spare for an SSH connection.

  • From what you've posted so far I can see that dropbear is running on port 22 while you're iptables rules are for port 222. Also your netmask on your ifconfig output shows 255.2555.2555.0

    Either the above are copy/paste typos, or something is messed up on your config.

    Fusioned | KVM SSD VPS | LSI RAID10 | Netherlands 1Gbps | R1Soft | IPv4 & IPv6 | SolusVM
  • Yea something looks weird. Did you recently upgrade the system or something? I've had that same config running for years now (literally). Still chugging along.

    Signatures are to identify who I am. I'm me. Who the hell are you?

  • @Nick said: It is slower

    Hmm, I've always felt like it was faster.

    Thanked by 1netomx
  • @juan so, did you get your issue resolved?

    Fusioned | KVM SSD VPS | LSI RAID10 | Netherlands 1Gbps | R1Soft | IPv4 & IPv6 | SolusVM
  • @Nick said: but I don't squeeze my VPS so much that I don't have 2MB of RAM to spare for an SSH connection.

    Well, it is just some kind of try to squeeze all that you can :P

  • @Nick said: I don't see the point in putting my server at risk to save a few hundred KB of RAM at most.

    By which you mean 6-7MB. I stripped a BuyVM 128OVZ running Debian 6 down as far as I could with only syslog, cron, and openssh running. 13MB in use. Switched to dropbear and got it down to 6MB.

    Of course it has less features. That's how it uses a fraction of the RAM. I for one don't need those features (tunneling and whatnot). All I need is the ability to restrict root logins and use pubkey auth. My dropbear.conf is 3 lines. Claiming it's slower is just ridiculous. It's a remote shell. What exactly are you expecting?

    It's not for everyone, but don't act like the memory savings is totally insignificant in the context of LEBs.

  • @Fusioned_George : Not yet, I'm still waiting for my vps to turn back up. The provider is migrating all VPS to a new location. I'll update this thread as soon as possible.

    Juan

  • @Soylent said: It's not for everyone, but don't act like the memory savings is totally insignificant in the context of LEBs.

    I'm just drawing conclusions based off my own testings with Dropbear. It's not scientific, it's anecdotal, but that's what I experienced.

Sign In or Register to comment.